Enhancing WLAN Security

Computerworld - The recent proliferation of high-speed wireless portable devices has resulted in a significant demand for wireless LAN. While WLANs offer tremendous flexibility to the mobile user, compared with their wire-line equivalents, WLANs are more susceptible to security threats because data is transmitted through the air.

While encryption technology provides protection against most security threats, intruder-generated security threats are still possible. Two types of intrusion threats that are easy to launch are traffic monitoring and passive eavesdropping.

Traffic monitoring is typically performed by an intruder that is outside the perimeter of the enterprise, whereby he observes the traffic flow, and makes assessments about the 1) nature of traffic, 2) amount of traffic and 3) load on the network.

Passive eavesdropping on the other hand, generally occurs from within the perimeter. The intruder could use the information gathered by way of traffic monitoring combined with passive eavesdropping to attack users as well as the network. Early detection of such intrusions could help service providers proactively address the impending attacks.

This article explores the ways and means for containing these two threats with the use of smart antenna systems and describes a layered security architecture that addresses the general security threats.

Smart antennas for WLANs

The most basic form of an antenna is the omni-directional antenna element, which has a spherical region of coverage in an ideal outdoor usage scenario. However, when indoors, radio propagation leads to interferences due to phenomena such as multipath effects.

A directional antenna element, on the other hand, has a preferred transmission and reception direction that reduces interferences due to multipath effects. A number of directional antennas can be used to increase the range of transmission so as to establish point-to-point connectivity. When more complex patterns consisting of angular sectors of coverage are required, a sectorized antenna that uses several directional antennas is used.

A more advanced solution is a smart antenna system that combines multiple antenna elements with intelligent signal processing. When used within an 802.11 access point (AP), it provides the following benefits: interference reduction, multipath reduction, increased network capacity and efficient utilization of battery power. These benefits are due to its ability to automatically change the direction of transmission and reception patterns in adaptive response to changes in the environment.

Smart antenna systems may be broadly categorized into two types: switched beam antenna and adaptive array. The switched beam antenna system uses multiple fixed beams with each beam having a different sensitivity, thereby resulting in system sensitivity that varies with direction, with the result that the system can switch reception direction as a mobile communicating client changes its location. The adaptive antenna array system uses advanced signal processing to effectively locate and track various types of signals, which dynamically minimizes interference and maximizes signal reception.